Security

All Glink’s TCP/IP communications protocols support a choice of the Secure Socket Layer or Secure Shell encryption and authentication protocols

This gives you security on your Telnet, Rlogin, TN3270/TN3270E, TN5250/TN5250E, TNVIP and Ggate connections to your legacy systems, and for FTP file transfers.

Secure Socket Layer (SSL/TLS)

Glink can be configured to use the Secure Sockets Layer (SSL/TLS) included in Microsoft’s Secure Channel (SChannel) security package on all supported Windows releases to provide secure communications.

When using Glink, privacy is ensured by use of encryption on all Secure Socket connections. Additionally, X509 certificates from a trusted certificate authority can be used to authenticate the mainframe, the client or both.

You set SSL/TLS for any Glink TCP/IP interface by checking the ‘Use secure sockets’ radio button in the ‘Security’ pane of the Windows sockets configuration dialog box. This gives you encryption using default values.

In the advanced settings you can configure authentication of the server, both by validating its certificate and validating that the server name is correct.

You can also choose to override the Automatic selection of security protocol and key exchange protocol.

Secure Shell (SSH)

Glink can be configured to use Secure Shell (SSH) Glink’s SSHD network interface is used for communication with a Secure Shell Daemon (SSHD) over a TCP/IP network. When you select the interface you open a secure channel to the SSHD server system, and are presented with a command line (shell).

Glink allows you to use the SSHD system to provide SSH tunneling for your other TCP/IP line interfaces; for example, Telnet connections to the SSH system, or via the SSH system to other systems. Glink allows you to do this by providing an SSH interface for all of the TCP/IP protocols. To use SSH with one of these you select the interface you want and check the radio button for SSH in the security group of the chosen interface’s configuration dialog box.

When using Glink, privacy is ensured by use of encryption on all Secure Shell connections. You must have an SSH logon name and password for the SSHD server to which you connect. In the advanced settings you must configure the Secure Shell Daemon server address, and you can configure your name and password. If you would like to use Public Key authentication of your Glink you can store your private key in the file system, in which case the SSHD password can be used for the passphrase needed to access it. You can also choose to override the Automatic selection of security protocol and key exchange protocol.